Log in

  1. The Goodies - Apart-Height (TV)

    A subversive lampooning of casual racism.

  2. Robert A. Heinlein - The Moon Is A Harsh Mistress (Book)

    Revolutionaries goad an inept authoritarian regime into
    its own destruction, then discover being in charge isn't all they expected.

  3. Paul Verhoeven - Starship Troopers (Film)

    Vastly different from the far more serious book, this
    biting satire shows how TV news manipulates public opinion.

  4. Mira Grant - Feed (Book)

    A near-future look at post-mainstream media and a presidential campaign. (With zombies!)

  5. Cory Doctorow - Little Brother (Book, free download)

    Disturbing portrait of what the slide into fascism could look like

Five things I wish my car’s nonexistent e-ink rear window could write:

  • I’m finished shopping, I just want to get out of this carpark

  • I live in this street, I am not taking a commuter shortcut

  • I stop at pedestrian crossings

  • I need to turn right, please let me merge

  • I’m looking for an address, just go around me

So I don't often go to the cinema since I hate the Clockwork-Orangesque force-feeding of advertisements, and prefer to wait for streaming release.

I have today off, so I'm dragging my sorry ass out to see Ghostbusters because I want manbabies to explode.

I'm checking session times at my local indie cinema, and I see THIS:


Holy L-Ron fucking Hubbard on a Segway. These people are made out of spam.

Preemptive Inbox Zero

Many people struggle with a towering email inbox full of unread mail. Here's how I keep mine preemptively pristine.

I've been gardening this approach for over 15 years, and these days anything that reaches my inbox is almost certain to be important.

I use procmail to filter my mail, but you can also achieve this with the mail filters of your reader. If you're using gmail, use their filter settings. If you're using MacOS, see Apple Mail's rules. If you're using Windows, go fuck yourself. (ht jwz)

  1. Use a good spam filter. I used to maintain my own, but I gave it up. I pay for pobox.com for their redirection and excellent spam filtering. Gmail is good too.

  2. If you join any mailing list, create a folder for it, and use the first message you get from the list to create a rule that sends all subsequent messages to that folder.

  3. People on your whitelist go straight to inbox (boss, spouse, friends)

  4. Any other automated email you receive goes to subfolders (I have folders 'alerts', 'bulletins', 'housekeeping', 'reports')
    If something like this finds its way through to your inbox, rule it out. You could also give 'you+them@yourdomain.net' type addresses to each service you subscribe to, and filter on that.

  5. [optional] Anything from co-workers (mail from your domain, but not matching above 3 rules) to a folder named 'intray'

  6. If you have multiple addresses that all go to one mail server (e.g. catchall addresses for personal domains), create a subfolder for each. Anything not matching above rules, but to (or CC) a secondary address, goes into appropriate folder.

  7. Anything remaining goes to 'slopbucket'. This is mostly spam, and occasional true blind-CC
    (Whitelist anyone who frequently blind-CCs you). This is also where new bulletins and alerts that you forgot to filter will land, and actual people who've never emailed you before.

A complete copy of my procmail rule file (~150 rules) is available courtesy of a procmail rule auto responder (email procmail at unixbigot.id.au with subject 'sendprocmail').

Emergent Conspiracy

I only joined Facebook at all to see pictures of my two nieces. (Then people started wanting to be my "friend" and tagging me in their old photos.)

The remarkable take-home from my infrequent exposure to Facebook (et al.) is that the children of the 21st century (like my sister's kids) will grow up alongside a large database of photographs of them having metadata identifying each person in that photograph. Their parents' generation are also now retrospectively identifying the faces in their own photographs of themselves and their associates. Speeding the process up, Facebook now has automatic face tagging enabled by default. Apple's iTunes has had this feature for a few years already, as has Google's Picasa.

Secondly, the current crop of cheap-as-dirt point and shoot cameras has amazingly good and fast face detection. If there aren't already security cameras that can do "find the faces in this video feed, then quickly pan/zoom to frame and capture each face in turn", you can bet there will be real soon; casinos and pubs will be all over that, as will countries like Australia and Britain, plus every fascist dictatorship everywhere. Captured photos can then go to offline face-detection. Cellular phones are already effective tracking devices, but you can always leave your phone at home.

The final piece of the panopticon dropped into place with Apple's iCloud -- automatic uploading of photographs over wifi. You can bet pretty much every camera brought to market from now on will do this.

So given:

  1. Several massive databases of face-tagged photographs (Apple's, Google's and Facebook's)
  2. Most consumer cameras uploading pictures to the cloud in near real time
  3. Municipal face-harvesters (sorry, "safety cameras")
  4. Government access (overtly or covertly) to all of the above databases

You have crowdsourced real time tracking of EVERYONE and a near total database of their KNOWN ASSOCIATES, without governments having to legislate for it, or even issue identity cards. It wasn't necessary for the Evil League Of Evil to plan this, it just emerged from the market. And it's too late to get un-fucked.

False positives, the big point of failure in previous attempts at the face-scanning panopticon no longer matter so much; if you want to know who was at a given event, or where person X is now, the side channel data from cellphones and social connections can be used to winnow through the partial matches. If you have an 80% match for person X and also for 3 of their friends at one event, (or if their cellphone is known to be in the same general location) then the match can be confirmed without human intervention.

So, remember to wear your dazzle paint when you go out, OK?!
Specs are for the weak.

   **** This file had errors that were repaired or ignored.
   **** The file was produced by: 
   **** >>>> Acrobat Distiller 7.0.5 (Windows) <<<<
   **** Please notify the author of the software that produced this
   **** file that it does not conform to Adobe's published PDF
   **** specification.

Damning with faint parking perks

At the train station near my office (Toowong, Qld) there is a "Park and Ride" carpark for commuters.
Three of the spots closest to the train station are reserved for handicapped users. They're almost always empty.

The carpark is otherwise so full people have parked *on top of* people who've parked on the no-parking paintwork.

Now, since the distance to the actual station from the carpark is about six times the length of the entire carpark, including four flights of ramp, I'm sure the nonexistent handicapped users appreciate their priority parking.

Perhaps some of the car parks *right next to* the station at the top of the ramp could be designated disabled PnR?

No need to shout

My preference falls somewhere between 'minimal' and 'ultraminimal'.


Five Reasons Conroy's Wall Is Bullshit

1. Teenage boys.

When I worked in the filter industry ACMA added a handful of sites to the blocklist each week. During the same interval teenage boys at the schools that purchased the filter product I worked on managed to find HUNDREDS of new anonymous proxy servers each week.

2. The Darknet.

By the time Gummints notice a technology, it's old hat. The web is probably not what the kind of vile swill who seek kiddy pr0n even use any more.

3. Encryption

We has it.

4. Jiggabytes

Filtering the web was barely feasible ten years back when this cockamamie idea was dreamed up. Nowadays you can get home broadband plans with TERABYTES. Filter that.

5. Wikileaks.

We live in a post-secrecy society. Remember what happened when the DVD CCA tried to supress a leaked encryption key?

Part 2 - Mrs Grundy Goes To Canberra

The Great Firewall is an instance of the time honoured
Military-Industrial-Hollywood-Complex tactic of getting the government
to legislate a market for your products. The anti-virus and "desktop
nanny" companies managed to get free money by convincing the previous
government to subsidise supply of their products. The compromise
reached on the Liberal government's attempts to filter the internet
was that ISPs were required to offer filtering software to
customers, paid for by government subsidy.

The network-level filtering firms saw this happening and wanted in at
the trough. During the Howard administration the idea was formed to
lobby for a national network-level porn filter, by bad-mouthing the
effectiveness of home firewalls and desktop filtering. When it became
apparent that the argument was not having an effect on the then
communications minister and department, and with an election due, the
industry instead focused its lobbying efforts on the then-opposition,
particularly shadow minister Stephen Conroy.

To give the industry some credit for not being complete crunts, they
were at least only lobbying for the same opt-in subsidy as was
available to desktop filter vendors. The mandatory single
part is as far as I know, Senator Conroy's own brainchild.

I want to focus on the "secret blacklist" today. Many people have
asked how we can trust the government to be allowed the power to
secretly block speech and publishing without oversight. For several
years I maintained a filter vendor's copy of the secret list, and I
can tell you firsthand about the feelings of trust this engendered.

A national filter of course requires a list of things to be filtered.
The national blacklist has been a reality for many years, born out of
the previous government's censorship legislation, as the ability to
block everything on it was a condition of eligibility for the subsidy
created by previous legislation. The list is maintained by the
Australian Communications and Media Authority (ACMA) under the the
Broadcasting Services Act of 1992. It is distributed to filter
vendors (both desktop and network) who build it into their products.
Typically a vendor has their own classification database which they
can block in addition to the mandatory list provided by ACMA. A
filter vendor may classify millions of URLs, far beyond the tens of
thousands on the ACMA list, and provide configurable levels of
blocking to subscribers.

Much of the content of the ACMA blacklist is child porn, a distressing
amount of it. I'm not talking about photos of girls soccer teams, or
even illicit upskirts, I mean pictures of little girls and boys with dicks
in their mouths (and worse). But the list is by no means all undeniably
vile. Some of it is mainstream adult sites. There's a smattering of
teen grossout sites. Some of it is drug or medical information. Some
of it is political speech. Some of it was listed for no reason I
could see.

But what is more concerning than the content of the list is the way it
was managed. Additions were sent out weekly, in plain email addressed
to a list of filter companies. There appeared to be no real process
for removals---instead the list would, once or so each year, be
"washed" and replaced with a new master list, then weekly additions
would continue.

I did not observe evidence of coordinated intent informing additions;
I believe added URLs came purely from public complaints, and maybe
results of law enforcement investigations . There did not appear to
be any proactive plan for discovering material to be added to the
list. You or I could probably name a few famous sites we think would
be on the list but aren't.

Every week I would receive the list of added URLs, typically between
five and thirty new URLs each week. There was no set format to the
mail, sometimes it was text, sometimes it was HTML, sometimes with
protocol leaders, sometimes without. Font size was random and would
vary within the list. It appears that somebody was manually pasting
URLs into an email, resulting in haphazard spacing and formatting.
Automating the process of amending the vendor's copy of the blacklist
was quite a challenge.

The URLs themselves did not appear to be intelligently vetted or
canonicalised--a common mistake was a domain.name..with.double.dot.
Presence or absence of www. leaders or trailing slashes was
inconsistent. Often an entire domain was listed, but other times an
update would list just two or three pages at one site, but by no means
all the objectionable pages. Often URLs containing query strings, or
usernames, or denoting single media files were listed. URLs
representing search engine queries were listed.

It was only a requirement for compliant filters to block the
exact listed URLs, so if http://example.com?ref=othersite.cc
was listed, then http://example.com would remain unblocked.

Sometimes you would see http://ickysite.tld/ added, and then months
later several URLs of the form http://ickysite.tld/gross.jpg would be

The email always stressed that "the Australian Communications and
Media Authority has conducted an investigation into internet content
located at the following addresses" and that each of those URLs had
been reviewed and deemed to be "prohibited or potentially prohibited
content as defined by the Broadcasting Services Act 1992". The review
process however did not seem to extend to conscious thought.

The people maintaining this list either have no volition to modify the
URL in the complaint, or no clue what they are doing. Blocking the
userpage of a particular YouTube user, for example, does not block
their videos, which presumably are the actual objectionable content.
One update would selectively block three or four pages at a really
objectionable site, while another would block the entire domain of a
"mainstream" non-extreme adult site. Adult sites Redtube,
fleshbot, stileproject, youporn all received
a blanket block. But, and I am not making this up, ACMA
"investigation" revealed that only the single page
http://extremetube09.com/index.php?id=17&sid=141 was
"potentially prohibited".

I do not know whether the behaviour I observed from ACMA was a
consequence of the constrained scope of the current opt-in blocking
legislation or prima facie evidence of incompetence. In either case I
am not inspired to trust ACMA one whit to do a comprehensive or
reliable job.

Aside from the political and moral justifications for or against
censorship, what Australian internet users are faced with here is
either submission to a capricious, incompetent and ineffective censor
that blocks content largely at random, or blind rubber-stamping of
any vaguely risqué URLs nominated by anonymous complainants.
Either of those alternatives is a nightmare.

In 2008 ACMA responded to concerns from filter vendors that their
distribution mechanism for this purportedly secret information was
insecure and too labour intensive. Their response was to switch to
emailing a password-protected ZIP archive (sometimes wrapped as
self-extracting-executable), and require filter vendors to reply
giving a cellular telephone number to which the password could be sent
via SMS.

They appeared genuinely baffled as to why a emailing .ZIP or .EXE
file, with password via SMS was not acceptable to vendors as a
"security" solution. Never mind that neither of those technologies is
even vaguely secure, as a professional business communication
procedure it is laughable. Briefcases in the park would be preferable(*).

Handing ACMA any more power than they already have is putting the
Village Idiot in charge of the nuclear power plant.

Next time I want to talk about why a national filter cant work no
matter what URLs are added to any lists.

* To their credit I understand that, shortly after I left the industry
in 2009, ACMA consulted with vendors and chose a new distribution
method involving modern web protocols.